Subscription to the full report on a daily basis can be obtained:
Send an eMail to dhsdailyadmin@mail.dhs.osis.gov with the subject "DHS Daily Open Source Infrastructure Report" and the following line in the body...subscribe.
To obtain a complete copy of the current report proceed to the DHS link below.
To obtain reports more than 10 business days old, send an eMail to DHS_Reports@e-computer-security.com. Be specific as to the reports you wish to receive.

• About 80 refrigerated containers have been isolated at the Port of Seattle because they might contain contaminated gas and could explode. – IFW.com (See item 15)

15. November 7, IFW.com – (Washington; International) More explosive containers found at port. At least 10 more potentially explosive containers have been found at the Port of Seattle with a question mark still hanging over the fate of the growing collection of containers. Earlier this year, maritime authorities reported three reefer containers exploded or caused a fire, resulting in two fatalities in Vietnam, and one in Brazil. The explosions were believed to be the result of contaminated gas added to the boxes’ refrigeration units during servicing in Vietnam. According to local reports, a growing stack of 80 refrigerated containers at the Port of Seattle has been sitting by itself, isolated from the rest of the port for safety reasons. The U.S. Coast Guard said it is working with the terminal operators to keep the 80 containers away from everyone, but admits there is no specific plan yet for dealing with them. The Pacific Maritime Association, which represents the various terminal operators, said it is looking for a solution to checking each container. These at-risk containers are being turned away from terminal operators, and as a result, they remain out in the public. Meantime, the union is worried about containers that left Vietnam and may have passed through local ports before the security alert was put in place. The three reefers that exploded were operated by Maersk Line, but since the danger was reported, all carriers were scrambling to find any reefers that were repaired in Vietnam since February. Maersk has removed all of its 844 reefer containers that were repaired in Vietnam. Source: http://www.ifw-net.com/freightpubs/ifw/index/more-explosive-containers-found-at-port/20017916576.htm

• Oklahoma residents were shaken by temblors, including the state’s strongest earthquake ever, that cracked buildings, buckled a highway, and jolted a college football stadium. – Associated Press (See item 43)

43. November 6, Associated Press – (National) 5.6 quake strikes Okla., 10 aftershocks follow. Oklahoma residents more accustomed to tornadoes than earthquakes were shaken by temblors that cracked buildings, buckled a highway, and rattled nerves the Associated Press reported November 6. One quake November 5 was the state’s strongest ever and jolted a college football stadium 50 miles away. It was followed by 10 aftershocks by mid-morning November 6. But although homes and other buildings cracked and suffered minor damage, there were no reports of severe injuries or major devastation. The earthquake jolted Oklahoma State University’s stadium shortly after a game ended. The magnitude 5.6 earthquake was Oklahoma’s strongest on record, said a geophysicist with the U.S. Geological Survey. Centered near Sparks, 44 miles northeast of Oklahoma City, it could be felt throughout the state and in Arkansas, Kansas, Missouri, northern Texas, and some parts of Illinois and Wisconsin. It followed a magnitude 4.7 quake November 5 that was felt from Texas to Missouri. Several homeowners and businesses reported cracked walls, fallen knickknacks, and other minor damage. The spokesman for St. Gregory’s University in Shawnee, Oklahoma, said one of the four towers on its “castle-looking” administration building had collapsed, and the other three towers were damaged. He estimated the towers were about 25-feet tall. Source: http://www.cbsnews.com/8301-201_162-57319367/5.6-quake-strikes-okla-10-aftershocks-follow/

Details

Banking and Finance Sector

13. November 7, Computer Weekly – (International) RBS and Natwest online banking down after maintenance glitch. Royal Bank of Scotland (RBS) and Natwest customers were unable to access online or telephone banking over the weekend of November 5 and 6 after maintenance issues. A glitch in a regular maintenance update November 5 took the banking services offline over the weekend. ATM machines and credit card payments were unaffected. An RBS spokesman confirmed all customers with an online bank account were affected, but was unable to provide details. All services are now “running largely as normal”, he said. “The issues emerged as a result of major system changes that took place overnight on [November 4],” said the spokesman in a statement. He said customers who suffered bank charges as a result of the problems will be refunded. The bank said it is possible some direct debit payments bounced and customers incurred charges. The RBS and Natwest online banking services downtime follows problems experienced by HSBC and Barclays customers the week of October 31. HSBC customers across the world had their cards rejected as the bank suffered a major technical problem. Customers were unable to use ATMs, online banking services, or make credit card payments. HSBC said the problems were caused by a mainframe outage. Services are now back to normal. Barclays customers were unable to log on to online bank accounts and encountered extended response times on Internet banking services for 2 days. Source: http://www.computerweekly.com/Articles/2011/11/07/248380/RBS-and-Natwest-online-banking-down-after-maintenance.htm

14. November 5, Lower Hudson Journal News – (New York) Jury convicts ‘polite bandit’ from Cortlandt in 7 bank robberies. A pair earned themselves the nicknames “the polite bandits” for a man’s habit of thanking his victims and bidding them a good day during a 2-month spree of seven armed bank robberies in New York. But that reputation for cordiality earned the other suspect no consideration from a jury of six men and six women who found the defendant guilty of all 18 charges against him. The man, already with two robbery convictions, faces the possibility of spending the rest of his life behind bars. The other defendant began cooperating with authorities shortly after FBI agents and detectives with the bureau’s Westchester County Violent Crimes Task Force arrested the two men in the Bronx April 19, 2010. The defendant, who wielded the .38-caliber revolver in all seven bank robberies in Westchester and Putnam counties, said the other suspect picked out the banks to rob, drove them to each robbery, and gave him the gun and bag he used to collect the stolen loot. He even used his car’s GPS to find another bank to hit February 22, 2010, after the robbery of a Hudson City Savings branch in White Plains yielded only $3,000. The spree began with the robbery of a Chinese restaurant in the Bronx in January 2010 that netted a few hundred dollars. Over the next 2 months, the two men robbed seven banks. Typically, the robber would enter a bank, display the gun, ask for all the cash in the teller drawers and the vaults if they were open. He would then thank his victims and tell them to have a nice day. His accomplice would wait nearby and drove them away after the heists. In all, they stole more than $187,000. Source: http://www.lohud.com/article/20111105/NEWS01/111050343/Polite-bandit-bank-robber-convicted

Information Technology Sector

38. November 7, Softpedia – (International) PayPal account review notification hides phishing campaign. PayPal’s name and reputation are utilized by cybercriminals in the latest phishing scam. The scam masks itself as a notification coming from the PayPal Account Review Team which informs the customer about a credit card issue. According to Sophos, the message alerts the potential victims of a credit card charge that has been blocked by their system since it was unusual. Once the attachment is opened, it reveals a form that replicates a PayPal page in which the user is urged to enter personal information such as name, date of birth, Social Security number, phone, and other sensitive data. PayPal does send notification e-mails, but they never contain attachments. Source: http://news.softpedia.com/news/PayPal-Account-Review-Notification-Hides-Phishing-Campaign-232722.shtml

39. November 4, V3.co.uk – (International) Duqu hackers moved C&C server to Belgium. The hackers behind the Duqu trojan moved the command and control server which communicates with the malware to Belgium to evade detection, according to security researchers at Symantec. The firm noted all samples of Duqu code recovered previously were configured to contact a server hosted in India. “This particular Duqu file [however] was configured to communicate with a server in Belgium with the IP address ‘77.241.93.160’,” Symantec added. “The server has since been taken offline. We appreciate the cooperation from the hosting provider [Combell] in taking action immediately after being contacted.” The security vendor added that six possible organizations in eight countries including France, Vietnam, and Ukraine confirmed infections. Source: http://www.v3.co.uk/v3-uk/news/2122799/duqu-hackers-moved-server-belgium

For more stories, see item 13 in the Banking and Finance Sector above and item 40, below in the Communications Sector

Communications Sector

40. November 7, CNET News – (National) Time Warner Cable gets hit with ‘large’ outage. Time Warner Cable’s Internet customers nationwide experienced a brief outage November 7, the company confirmed. “We appear to be recovering from a large but brief internet outage affecting most of our service areas,” Time Warner Cable said in a tweet on its customer service Twitter page. The company then asked customers to “attempt to connect again. It appears the outage occurred sometime after 6 a.m. Pacific time November 7, and affected people nationwide, at least from New York to Texas. A quick Twitter search reveals many Time Warner Cable customers took to Twitter to complain of the outage. However, the issue appears to have been resolved. Whether it was just a Time Warner Cable issue November 7, though, is unknown at this point. RCN, another cable Internet provider, also apparently experienced some trouble at around the same time as Time Warner Cable, causing some customers from Boston to Pennsylvania to suffer through a brief outage November 7. However, RCN has yet to publicly confirm the reported outage relates to Time Warner Cable’s issues. Source: http://news.cnet.com/8301-13506_3-57319625-17/time-warner-cable-gets-hit-with-large-outage/

41. November 4, Highland Lakes Newspapers – (Texas) Shot cable disrupts phone service. Someone shooting off a weapon may be responsible for shutting down regular phone service as well as some cellphones in Burnet County, Texas, November 3. Residents in the Silver Creek subdivision reported a widespread disruption of phone service at 7 p.m. Customers complained their landline services could not make or receive calls, and some Verizon Wireless customers said that of the few cell phones that were able to make a connection, reception was compromised and full of noise and static. Residents along FM 2341 said their neighbors within a 10-mile radius were without service for about 18 hours. A Verizon representative confirmed the outage November 4, and said a technician reported the aerial (overhead) cable had apparently been shot and damaged from a pasture area along Route 7 of FM 2341. Phone technicians replaced the cable and made necessary repairs, and service was restored at about 1:30 p.m. November 4. Source: http://www.highlandernews.com/news_article.php?category_id=2&article_id=1453

Links

About Me

U.S. Army Retired Chief Warrant Officer with more than 40 years in information technology and 35 years in information security. Became a Certified Information Systems Security Professional in 1995 and have taught computer security in Asia, Canada and the United States. Wrote a computer security column for 5 years in the 1980s titled "for the Sake Of Security", penname R. E. (Bob) Johnston, which was published in Computer Decisions.
Motto: "When entrusted to process, you are obligated to safeguard"